|
The government has quietly notified
Community Access Programs across the country that it is cutting funding
for the longstanding program that provides Internet access to the
public. Statistics Canada's 2010
Canadian Internet Use Study found that 54% of low income Canadians
still do not have Internet access at home. Industry Canada conducted
an audit of the program in 2009.
cap, community access program, funding cut Slashdot, Digg, Del.icio.us, Newsfeeder, Reddit, StumbleUpon, TwitterTagsShareMonday April 09, 2012 |
|
|
In what feels like an April Fool's joke but isn't, the Canadian
government will conduct
a review of Target's entry into Canada on the grounds that it sells
cultural products such as books. I wrote
about the need to drop restrictions on bookseller restrictions in 2010
when Amazon created its own Canadian distribution channel.
culture review, target Slashdot, Digg, Del.icio.us, Newsfeeder, Reddit, StumbleUpon, TwitterTagsShareMonday April 09, 2012 |
|
|
Estately, a Seattle-based online real estate site, filed
a DMCA takedown notice against Sutton WestCoast over the look and feel
of its website. The complaint succeeded
in taking the Canadian site offline.
copyright, estately, sutton Slashdot, Digg, Del.icio.us, Newsfeeder, Reddit, StumbleUpon, TwitterTagsShareMonday April 09, 2012 |
|
The government has placed Bill C-30, the lawful access/online
surveillance bill on hold, but there is no reason to believe it is
going away. In fact, a recent report Standing Committee on Justice and
Human Rights
suggests that the changes coming to the bill may not address public
concern but rather expand lawful access requirements even further. The
committee report
on the State of Organized Crime that includes recommendations that
reinforce Bill C-30's mandatory warrantless disclosure of subscriber
information and envision going beyond the bill by requiring both
telecom companies and device manufacturers to assist in the decryption
of encrypted communications as well as exploring mandatory verification
of the
identity of cellphone users.
Read More ...
On subscriber information disclosure, the report's recommendations
state:
The Committee recommends the
establishment of a statutory mechanism enabling law enforcement
agencies, without a warrant, to require telecommunication service
providers to disclose basic information identifying their subscribers.
Privacy measures would have to be created, however, and prior court
authorization would always be required to allow these agencies to
intercept private communications.
This is a reaffirmation of Bill C-30 that has been the subject of
widespread criticism from Canadians across the political spectrum.
The report also recommends expanding the lawful access bill by
including provisions not currently found in Bill C-30. For example:
The Committee recommends that the
Government of Canada introduce legislation requiring telecommunications
service providers and telecommunications device manufacturers to
decrypt legally intercepted communications or to provide assistance to
law enforcement agencies in this regard.
This recommendation goes well beyond what is currently found in the
lawful access legislation as the discussion specifically points to
Research in Motion and other smartphone device manufacturers as being
targeted with the decryption requirements. Moreover, Bill C-30 only
requires telecom companies to decrypt if they have the technical
capability, while this recommendation seems to envision a stronger,
positive requirement. The report also recommends verification
requirements on cellphone purchasers:
The Committee recommends that the
Government of Canada examine the possibility of requiring cell phone
merchants to verify the identity of purchasers. It could also determine
whether it would be appropriate to impose the same requirement on
telecommunications service providers.
The report includes a dissenting opinion from the NDP on the lawful
access recommendations. There does not appear to be a similar
dissent
from the Liberals, who were represented on the committee by Irwin
Cotler. Postmedia covered the release of the report but the
article is
no longer available on its media sites. The article included specific
comments from Bell that
suggest its primary concern associated with these demands boils down to
questions of who will bear the costs. A company spokesperson stated
"our primary concern in this area has always been the capacity of
industry to implement any new requirements and who bears the cost."
That is a troubling position for many Canadians who rightly expect
their telecom companies to also be concerned with the privacy of their
customers. After the outcry in February over Bill C-30, many also
expected the government to be open to change on lawful access, yet this
report suggests that the changes may not be what many were anticipating.
c-30, lawful access, privacy Slashdot, Digg, Del.icio.us, Newsfeeder, Reddit, StumbleUpon, TwitterTagsShareWednesday April 04, 2012 |
|
View
|
|
|
David Martin, the ACTA rapporteur at the European Parliament, has
published an op-ed
expressing skepticism about the agreement's effectiveness, noting "so
far there is little evidence that it will have the intended effect.
Indeed several non-signatories have stressed their opposition to the
agreement."
acta, european parliament, martin Slashdot, Digg, Del.icio.us, Newsfeeder, Reddit, StumbleUpon, TwitterTagsShareWednesday April 04, 2012 |
|
Libraries on Nova Scotia's South Shore are boycotting
Random House, one of the world's largest book publishers, due to its
e-book pricing demands. The publisher is charging as much as three
times as much for downloadable book as for a print version.
e-books, random house Slashdot, Digg, Del.icio.us, Newsfeeder, Reddit, StumbleUpon, TwitterTagsShareTuesday April 03, 2012 |
|
The recent New Democratic Party convention in Toronto may have done
more than just select Thomas Mulcair as the party's new leader.
My weekly technology law column (Toronto
Star version, homepage
version) notes that it may
have also buried the prospect of online voting in Canada for the
foreseeable future. While Internet-based voting supporters have
consistently maintained that the technology is safe and secure, the
NDP's experience - in which a denial of service attack resulted in long
delays and inaccessible websites - demonstrates that turning to
Internet voting in an election involving millions of voters would be
irresponsible and risky.
As voter turnout has steadily declined in recent years, Elections
Canada has focused on increasing participation by studying
Internet-based voting alternatives. The appeal of online voting is
obvious. Canadians bank online, take education courses online, watch
movies online, share their life experiences through social networks
online, and access government information and services online. Given
the integral role the Internet plays in our daily lives, why not vote
online as well?
The NDP
experience provides a compelling answer.
Read More ...
Democracy depends upon a fair, accurate, and transparent electoral
process with independent verification of the results. Conventional
voting may typically require heading down to the polling station, but
doing so accomplishes many of these goals. Private polling stations
enable citizens to cast their votes anonymously, election day
scrutineers provide oversight, and paper-based ballots can be
re-counted if needed.
There are ways to build anonymity and oversight into an online election
process, but as the NDP experienced, there is no way to guarantee it
will be disruption-free. In the NDP's case, 10,000 computers were used
in a distributed denial-of-service attack designed to overwhelm the
online voting system and effectively render it unusable for authorized
voters.
The only real surprise about the attack is that it took anyone by
surprise. Not only is a denial-of-service attack typically cited as the
most likely security disruption, the NDP experienced much the same
thing at its last leadership convention in 2003. Reports
from that
convention - which only involved a single ballot to elect Jack Layton
as the new party leader - indicate that there was a denial-of-service
attack that similarly delayed the voting process.
Online voting threats are not limited to denial-of-service attacks.
Security
experts point to the danger of counterfeit websites, phishing
attacks, hacks into the election system, or the insertion of computer
viruses that tamper with election results as real world threats to an
Internet-based voting system.
While several Canadian municipalities have successfully used Internet
voting, those elections were unlikely to be viewed as "targets" for
attack since groups seeking to disrupt an online election will likely
prefer to take aim at high profile events that offer maximum exposure.
Douglas Jones and Barbara Simons, the authors of the forthcoming book
Broken
Ballots: Will Your Vote Count, note that "people running
pilots
are likely to declare success, in spite of any problems that might crop
up. However, it is dangerous to draw conclusions from what appears to
be a successful Internet voting pilot. If the election is
insignificant, there is little to no motivation to sabotage the
election."
National or provincial campaigns clearly qualify as sufficiently
significant to represent an inviting target. There are no "do overs"
with elections nor the possibility of keeping online polling open for
hours or days to ensure that all citizens can exercise their right to
vote. Elections Canada may be anxious to increase voter turnout,
but
the recent NDP experience suggests that jumping on the online voting
bandwagon could place the validity of the election process at risk.
ndp, online voting Slashdot, Digg, Del.icio.us, Newsfeeder, Reddit, StumbleUpon, TwitterTagsShareTuesday April 03, 2012 |
|
View
|
|
Appeared
in the Toronto Star on April 1, 2012 as Internet Voting Carries Risk As
Shown By NDP Experience
The recent New Democratic Party convention in Toronto may have done
more than just select Thomas Mulcair as the party's new leader.
It may
have also buried the prospect of online voting in Canada for the
foreseeable future. While Internet-based voting supporters have
consistently maintained that the technology is safe and secure, the
NDP's experience - in which a denial of service attack resulted in long
delays and inaccessible websites - demonstrates that turning to
Internet voting in an election involving millions of voters would be
irresponsible and risky.
As voter turnout has steadily declined in recent years, Elections
Canada has focused on increasing participation by studying
Internet-based voting alternatives. The appeal of online voting is
obvious. Canadians bank online, take education courses online, watch
movies online, share their life experiences through social networks
online, and access government information and services online. Given
the integral role the Internet plays in our daily lives, why not vote
online as well?
The NDP
experience provides a compelling answer.
Democracy depends upon a fair, accurate, and transparent electoral
process with independent verification of the results. Conventional
voting may typically require heading down to the polling station, but
doing so accomplishes many of these goals. Private polling stations
enable citizens to cast their votes anonymously, election day
scrutineers provide oversight, and paper-based ballots can be
re-counted if needed.
There are ways to build anonymity and oversight into an online election
process, but as the NDP experienced, there is no way to guarantee it
will be disruption-free. In the NDP's case, 10,000 computers were used
in a distributed denial-of-service attack designed to overwhelm the
online voting system and effectively render it unusable for authorized
voters.
The only real surprise about the attack is that it took anyone by
surprise. Not only is a denial-of-service attack typically cited as the
most likely security disruption, the NDP experienced much the same
thing at its last leadership convention in 2003. Reports
from that
convention - which only involved a single ballot to elect Jack Layton
as the new party leader - indicate that there was a denial-of-service
attack that similarly delayed the voting process.
Online voting threats are not limited to denial-of-service attacks.
Security experts point to the danger of counterfeit websites, phishing
attacks, hacks into the election system, or the insertion of computer
viruses that tamper with election results as real world threats to an
Internet-based voting system.
While several Canadian municipalities have successfully used Internet
voting, those elections were unlikely to be viewed as "targets" for
attack since groups seeking to disrupt an online election will likely
prefer to take aim at high profile events that offer maximum exposure.
Douglas Jones and Barbara Simons, the authors of the forthcoming book
Broken
Ballots: Will Your Vote Count, note that "people running
pilots
are likely to declare success, in spite of any problems that might crop
up. However, it is dangerous to draw conclusions from what appears to
be a successful Internet voting pilot. If the election is
insignificant, there is little to no motivation to sabotage the
election."
National or provincial campaigns clearly qualify as sufficiently
significant to represent an inviting target. There are no "do overs"
with elections nor the possibility of keeping online polling open for
hours or days to ensure that all citizens can exercise their right to
vote. Elections Canada may be anxious to increase voter turnout,
but
the recent NDP experience suggests that jumping on the online voting
bandwagon could place the validity of the election process at risk.
ndp, online voting Slashdot, Digg, Del.icio.us, Newsfeeder, Reddit, StumbleUpon, TwitterTagsShareMonday April 02, 2012 |
|
|
New records
indicate that the file sharing lawsuits in Quebec against individuals
downloading the Hurt Locker have been withdrawn. The cases attracted wide attention
last year after the Federal Court ordered several ISPs to disclose the
identities of alleged infringers.
copyright, hurt locker Slashdot, Digg, Del.icio.us, Newsfeeder, Reddit, StumbleUpon, TwitterTagsShareFriday March 30, 2012 |
|
The CRTC has finalized
its anti-spam regulations,
retaining some notable new disclosure requirements for some software
installations. The requirements were opposed by the
Entertainment Software Association of Canada and Research in Motion,
who both asked for the requirements to be either dropped or
significantly changed. The regulation requires:
A computer program's material
elements that perform one or more of the functions listed in subsection
10(5) of the Act must be brought to the attention of the person from
whom consent is being sought separately from any other information
provided in a request for consent and the person seeking consent must
obtain an acknowledgement in writing from the person from whom consent
is being sought that they understand and agree that the program
performs the specified functions.
The functions
listed in 10(5) of the Act are:
(a) collecting personal information
stored on the computer system;
(b) interfering with the owner’s or
an authorized user’s control of the computer system;
(c) changing or interfering with
settings, preferences or commands already installed or stored on the
computer system without the knowledge of the owner or an authorized
user of the computer system;
(d) changing or interfering with data
that is stored on the computer system in a manner that obstructs,
interrupts or interferes with lawful access to or use of that data by
the owner or an authorized user of the computer system;
(e) causing the computer system to
communicate with another computer system, or other device, without the
authorization of the owner or an authorized user of the computer system;
(f) installing a computer program
that may be activated by a third party without the knowledge of the
owner or an authorized user of the computer system; and
(g) performing any other function
specified in the regulations.
While this is obviously designed first and foremost at spyware, it
targets many other possibilities including the infamous Sony rootkit
case and other attempts by software or app developers to unexpectedly
collect personal information or interfere with a user's computer. It
could also have an impact on some digital rights management systems,
raising interesting questions about the interaction between these
requirements and the digital lock rules in Bill C-11.
Read More ...
The ESAC objected,
recommending:
section 5 be removed and replaced
with a general requirement that material elements that perform
the
specified functions be brought to the attention of the user "clearly
and prominently". Both the separate consent requests and enhanced
disclosure, along with the requirement to obtain a written
acknowledgement, will create significant problems, generate unnecessary
paperwork and result in further disruptions of the user
experience.
Similarly, RIM stated:
We recommend that this section be
removed or modified to read as follows:
5. A computer
program’s material
elements that perform one or more of the functions listed in subsection
10(5) of the Act must be brought to the attention of the person from
whom consent is being sought in a clear and prominent manner.
The CRTC rejected the recommendations from ESAC and RIM, concluding:
With respect to parties’ submissions
that the requirements contemplated by section 5 of the draft
regulations are excessive, unclear, and not practicable, the Commission
is of the view that the invasive nature of the computer programs in
question warrant the requirement to identify the material elements of
the computer programs separately from the request for consent and to
seek written acknowledgement of the programs’ functions. Accordingly,
the Commission is not persuaded that it would be appropriate to amend
the requirement contemplated in section 5 of the proposed Regulations.
The regulations do not take effect until the entire anti-spam law is
operational. Industry Canada has yet to release its revised
regulations, which may spark another round of consultations and further
delays.
crtc, software, spam Slashdot, Digg, Del.icio.us, Newsfeeder, Reddit, StumbleUpon, TwitterTagsShareThursday March 29, 2012 |
|
View
|
|
|
